The PromptSpy Android malware uses on-device generative AI to automate the creation of convincing social-engineering messages and phishing lures, enhancing its ability to steal credentials and deploy further malicious components. This AI-driven automation allows it to better mimic trusted communications and bypass static security defenses. The article recommends implementing behavior-based monitoring, strict app controls, and ongoing mobile-security awareness as defensive measures.
New research has identified PromptSpy , the first Android threat to actively leverage generative AI techniques to enhance phishing and fraud on mobile devices. Rather than simply harvesting credentials, the malware uses AI-driven prompts to craft convincing social-engineering messages, refine phishing lures, and automate deceptive interactions that coax users into revealing sensitive data or installing additional malicious components. By combining traditional mobile malware with on-device AI automation, attackers can more effectively mimic trusted communications and bypass static defenses. As mobile devices remain primary gateways for financial services and corporate access, the findings highlight the need for behavior-based monitoring, strict app controls, and ongoing mobile-security awareness.